Facebook Tracking
Background image

Blog

Stay updated on recent news and the latest industry trends, and read expert commentary written by the AttackIQ team.

"Think Bad. Do Good" Podcast Episode 3: Best Practices in Threat-Informed Defense

Learn from two former Defense Department cybersecurity leaders about how to implement a threat-informed defense strategy to optimize your cybersecurity effectiveness. 

Read More

AttackIQ Includes MITRE ATT&CK’s New Sub-techniques for Customers

This week, MITRE releases new sub-techniques for the MITRE ATT&CK framework. What do those sub-techniques mean for the world and how is AttackIQ amplifying MITRE's work? 

Read More

Purple Teaming Chronicles II: Red-Team Augmentation

In this second blog post in our series on purple teaming, we explore how a purple team can best react to an incoming attack to defend the enterprise and the benefits of automated attack capabilities for augmenting red team operations. 

Read More

Australian Cyber Security Centre (ACSC) Attacker Trends: Useful Information from the Government

Australia’s national-level cybersecurity authority released the 2019-2020 cyber attacker tradecraft trends, an artifact which exposes the tactics, techniques and procedures being used...

Read More

"Think Bad, Do Good" Ep 2: How to achieve cybersecurity effectiveness

A conversation with the Chertoff Group’s Adam Isles and Kurt Alaybeyoglu, hosted by Jonathan Reiber, Senior Director for Cybersecurity Strategy and Policy at AttackIQ. ​

Read More

COVID-19 Is Forcing Hard Cybersecurity Choices

Pandemic relief spending will likely prevent the implementation of most of the Cybersecurity Solarium Commission’s recommendations. Here’s how to prioritize them.

Read More

Before the Election, States Need to Test their Cybersecurity Continuously

States have invested in cybersecurity for the election - but do they test it effectively?

Read More

Purple Teaming Chronicles Part 1

This is the first post in a series about the tactics, techniques, and behaviors that “purple teams” can use to defend their data. In this series we will depict how the AttackIQ Platform can be used as a purple teaming resource to enhance the capabilities and the collaboration between blue and red teams to improve the company's overall security posture.

Read More

2020 Verizon Data Breach Investigations Report: Analysis, Findings, and AttackIQ Commentary

This week, Verizon released it’s highly anticipated annual Data Breach Investigations Report (DBIR), now in its 13th year of publication. AttackIQ is honored to be an ongoing contributor and to help the cybersecurity industry make better decisions around a threat informed defense strategy.

Read More

Why I joined AttackIQ: Compelling Mission, Amazing Team

Julie O'Brien joins AttackIQ as CMO. Learn why the company excited her and read her views about how AttackIQ helps leaders solve complex cybersecurity challenges.

Read More

Threat-Informed Defense and Purple Teaming: Lessons from U.S. Cyber Command

Two national security professionals offer lessons on how the U.S. military has developed a threat-informed defense strategy for operations and purple teaming.

Read More

Fingerprinting FIN7

This is a new blog post on the work we are doing at AttackIQ to help our customers to emulate known threats and test the performance of their security controls against them, this time focusing on FIN7.

Read More

Defeating a Cloud Breach Part 3

Do you believe you are monitoring and identifying any unexpected access to the information stored in the Cloud? If the answer is no, don’t be worried about it! In this blog post we are going to give you some solutions.

Read More

Defeating a Cloud Breach Part 2

Are you protecting well your instance profile credentials in AWS? Learn how to protect your Access Keys stored in the Metadata Service, to ensure that you can detect and prevent any unintended access to them. 

Read More

Defeating a Cloud Breach Part 1

Do you want to know how to identify a security breach in your Cloud infrastructure? In this blog post series we present how to carry out a breach simulation in Cloud based on a real threat and how to set up the security controls needed to prevent and detect them.

Read More

Component Object Model Hijacking

Learn how to carry out a Component Object Model Hijacking attack in the same way as our scenarios do. In this blog post you will discover all the intricacies to ensure that you can detect such a malicious activity.

Read More

Emulating APT29 with AttackIQ

Do you want to test the efficacy of your security tools against a full attack chain of a known threat actor? In this blog post we present an Assessment Template designed to emulate APT29 tactics, techniques and procedures (TTPs).

Read More

Where to Find AttackIQ at RSA 2020

Heading to the RSA Conference this year?

AttackIQ is excited to announce we will have an expanded presence at RSA 2020 this February.

Here’s where you can find us throughout the week! 

Read More

The Hornet’s Nest was just Kicked… What’s Your Move?

Read More

AttackIQ’s Extreme Ownership – Giving back to our community through research

I am pleased to announce that AttackIQ has been selected as one of the ten founding members of the MITRE Engenuity Center for Threat Informed Defense (CTID). 

Read More